From 7017d86b45d8e6d71f21107812f5a0ef37441fc9 Mon Sep 17 00:00:00 2001 From: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com> Date: Sun, 27 Mar 2022 04:55:29 +0000 Subject: [PATCH] Pinned action by SHA and included the URL for verification --- .github/workflows/build-blog-only.yml | 4 ++-- .github/workflows/build-perf.yml | 10 +++++----- .github/workflows/canary-release.yml | 4 ++-- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/lighthouse-report.yml | 10 +++++----- .github/workflows/lint.yml | 4 ++-- .github/workflows/showcase-test.yml | 4 ++-- .github/workflows/tests-e2e.yml | 16 ++++++++-------- .github/workflows/tests-swizzle.yml | 4 ++-- .github/workflows/tests-windows.yml | 4 ++-- .github/workflows/tests.yml | 4 ++-- 11 files changed, 35 insertions(+), 35 deletions(-) diff --git a/.github/workflows/build-blog-only.yml b/.github/workflows/build-blog-only.yml index c5e83a3df520..9f6f7c6aa5a7 100644 --- a/.github/workflows/build-blog-only.yml +++ b/.github/workflows/build-blog-only.yml @@ -13,8 +13,8 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 + - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: '16' cache: yarn diff --git a/.github/workflows/build-perf.yml b/.github/workflows/build-perf.yml index ad7b3c5c247b..ae5afd517724 100644 --- a/.github/workflows/build-perf.yml +++ b/.github/workflows/build-perf.yml @@ -18,12 +18,12 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 + - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: '16' cache: yarn - - uses: preactjs/compressed-size-action@v2 + - uses: preactjs/compressed-size-action@8119d3d31b6e57b167e09c81dfa877eada3bcb35 # v2 https://api.github.com/repos/preactjs/compressed-size-action/git/commits/8119d3d31b6e57b167e09c81dfa877eada3bcb35 with: repo-token: ${{ secrets.GITHUB_TOKEN }} build-script: build:website:en @@ -37,8 +37,8 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 + - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: cache: yarn - name: Installation diff --git a/.github/workflows/canary-release.yml b/.github/workflows/canary-release.yml index e7557b4d79f6..68f41ce21124 100644 --- a/.github/workflows/canary-release.yml +++ b/.github/workflows/canary-release.yml @@ -12,11 +12,11 @@ jobs: name: Publish Canary runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 with: fetch-depth: 0 # Needed to get the commit number with "git rev-list --count HEAD" - name: Set up Node - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: '16' cache: yarn diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 69cb617ef87f..d445c4e21be2 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -27,12 +27,12 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@883476649888a9e8e219d5b2e6b789dc024f690c # v1 https://api.github.com/repos/github/codeql-action/git/commits/883476649888a9e8e219d5b2e6b789dc024f690c with: languages: ${{ matrix.language }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@883476649888a9e8e219d5b2e6b789dc024f690c # v1 https://api.github.com/repos/github/codeql-action/git/commits/883476649888a9e8e219d5b2e6b789dc024f690c diff --git a/.github/workflows/lighthouse-report.yml b/.github/workflows/lighthouse-report.yml index 5e7fc7d70fe0..b184d00e3bdd 100644 --- a/.github/workflows/lighthouse-report.yml +++ b/.github/workflows/lighthouse-report.yml @@ -10,16 +10,16 @@ jobs: name: Lighthouse Report runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Wait for the Netlify Preview - uses: jakepartusch/wait-for-netlify-action@v1 + uses: jakepartusch/wait-for-netlify-action@7dcdeb40c6bc3710a8099702a1fa1ce2c5e322a6 # v1 https://api.github.com/repos/JakePartusch/wait-for-netlify-action/git/commits/7dcdeb40c6bc3710a8099702a1fa1ce2c5e322a6 id: netlify with: site_name: docusaurus-2 max_timeout: 600 - name: Audit URLs using Lighthouse id: lighthouse_audit - uses: treosh/lighthouse-ci-action@9.3.0 + uses: treosh/lighthouse-ci-action@b4dfae3eb959c5226e2c5c6afd563d493188bfaf # 9.3.0 https://api.github.com/repos/treosh/lighthouse-ci-action/git/commits/b4dfae3eb959c5226e2c5c6afd563d493188bfaf with: urls: | https://deploy-preview-$PR_NUMBER--docusaurus-2.netlify.app/ @@ -30,7 +30,7 @@ jobs: PR_NUMBER: ${{ github.event.pull_request.number}} - name: Format lighthouse score id: format_lighthouse_score - uses: actions/github-script@v6 + uses: actions/github-script@7f4e771d2b3022fa3b8bac499d4a547619f3ab10 # v6 https://api.github.com/repos/actions/github-script/git/tags/7f4e771d2b3022fa3b8bac499d4a547619f3ab10 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -55,7 +55,7 @@ jobs: - name: Add Lighthouse stats as comment id: comment_to_pr - uses: marocchino/sticky-pull-request-comment@v2.2.0 + uses: marocchino/sticky-pull-request-comment@39c5b5dc7717447d0cba270cd115037d32d28443 # v2.2.0 https://api.github.com/repos/marocchino/sticky-pull-request-comment/git/commits/39c5b5dc7717447d0cba270cd115037d32d28443 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} number: ${{ github.event.pull_request.number }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 7a69a1362274..4aa46bfc76a6 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,8 +11,8 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 + - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: '16' cache: yarn diff --git a/.github/workflows/showcase-test.yml b/.github/workflows/showcase-test.yml index 83ad82c4cd5c..6e4ab5beea26 100644 --- a/.github/workflows/showcase-test.yml +++ b/.github/workflows/showcase-test.yml @@ -13,9 +13,9 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Set up Node - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: '16' cache: yarn diff --git a/.github/workflows/tests-e2e.yml b/.github/workflows/tests-e2e.yml index 7bb9f842ffc6..b3158f102c27 100644 --- a/.github/workflows/tests-e2e.yml +++ b/.github/workflows/tests-e2e.yml @@ -21,9 +21,9 @@ jobs: matrix: node: ['14', '16', '17'] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Use Node.js ${{ matrix.node }} - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: ${{ matrix.node }} cache: yarn @@ -59,9 +59,9 @@ jobs: - variant: -st nodeLinker: pnp steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Use Node.js 16 - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: '16' cache: yarn @@ -104,9 +104,9 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Use Node.js 16 - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: '16' cache: yarn @@ -133,9 +133,9 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Use Node.js 16 - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: '16' cache: yarn diff --git a/.github/workflows/tests-swizzle.yml b/.github/workflows/tests-swizzle.yml index 611b92c8834a..ba06aec930d5 100644 --- a/.github/workflows/tests-swizzle.yml +++ b/.github/workflows/tests-swizzle.yml @@ -17,9 +17,9 @@ jobs: action: ['eject', 'wrap'] variant: ['js', 'ts'] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Use Node.js - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: 14 cache: yarn diff --git a/.github/workflows/tests-windows.yml b/.github/workflows/tests-windows.yml index 213ef8a3e0f6..d632734aa5a1 100644 --- a/.github/workflows/tests-windows.yml +++ b/.github/workflows/tests-windows.yml @@ -18,9 +18,9 @@ jobs: steps: - name: Support longpaths run: git config --system core.longpaths true - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Use Node.js ${{ matrix.node }} - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: ${{ matrix.node }} - name: Installation diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 33992216fe48..7073b86274f5 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -16,9 +16,9 @@ jobs: matrix: node: ['14', '16', '17'] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 https://api.github.com/repos/actions/checkout/git/tags/b0e28b5ac45a892f91e7d036f8200cf5ed489415 - name: Use Node.js ${{ matrix.node }} - uses: actions/setup-node@v3 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3 https://api.github.com/repos/actions/setup-node/git/commits/9ced9a43a244f3ac94f13bfd896db8c8f30da67a with: node-version: ${{ matrix.node }} cache: yarn